<?php
if (isset($_GET['action']) && $_GET['action'] == 'dologin') {
// login action
if (isset($_POST['serverid']) && isset($_POST['name']) && isset($_POST['password'])) {
// all required data received
$tmpUid = ServerInterface::getInstance()->verifyPassword($_POST['serverid'], $_POST['name'], $_POST['password']);
switch ($tmpUid) {
case -2:
MessageManager::addWarning(tr('login_unknownusername'));
Logger::log_loginFail($_POST['serverid'], $_POST['name'], $_POST['password']);
Logger::log("[{$_SERVER['REMOTE_ADDR']}] failed to log in as user {$name}.", Logger::LEVEL_SECURITY);
break;
case -1:
MessageManager::addWarning(tr('login_wronglogininformation'));
break;
default:
// login success
$_SESSION['serverid'] = $_POST['serverid'];
$_SESSION['userid'] = $tmpUid;
$_SESSION['userLoggedIn'] = true;
echo '<script type="text/javascript">location.replace("?page=profile")</script>';
echo tr('login_success');
break;
}
} else {
// missing mandatory data
MessageManager::addError(tr('login_missing_data'));
}
} else {
// no login-action, thus show login form
if (isset($_POST['email'])) {
ServerInterface::getInstance()->updateUserEmail($_SESSION['serverid'], $_SESSION['userid'], $_POST['email']);
}
// remove texture
if (isset($_GET['remove_texture'])) {
try {
ServerInterface::getInstance()->updateUserTexture($_SESSION['serverid'], $_SESSION['userid'], array());
} catch (Murmur_InvalidTextureException $exc) {
MessageManager::addWarning(tr('profile_removetexturefailed'));
}
}
// new texture
//TODO reimplement setting texture
if (isset($_FILES['texture'])) {
if (!file_exists($_FILES['texture']['tmp_name'])) {
MessageManager::addWarning(tr('profile_texture_notempfile'));
} else {
$imgData = file_get_contents($_FILES['texture']['tmp_name']);
ServerInterface::getInstance()->updateUserTexture($_SESSION['serverid'], $_SESSION['userid'], $imgData);
}
}
}
?>
<div id="content">
<h1><?php
echo TranslationManager::getText('profile_head');
?>
</h1>
<form action="?page=profile&action=doedit" method="post" style="width:420px;"<?php
if (isset($_GET['action']) && $_GET['action'] == 'edit_texture') {
echo ' enctype="multipart/form-data"';
MessageManager::addWarning(tr('register_fail_emailinvalid'));
} elseif (SettingsManager::getInstance()->isUseCaptcha() && !Captcha::cap_isCorrect($_POST['spamcheck'])) {
MessageManager::addWarning(tr('register_fail_wrongCaptcha'));
}
// Everything ok, check if auth by mail
if (SettingsManager::getInstance()->isAuthByMail($_POST['serverid'])) {
// create Auth by mail (send activation mail)
// Add unactivated account and send mail
if (ServerInterface::getInstance()->getServer(intval($_POST['serverid'])) != null) {
// Server does exist
DBManager::getInstance()->addAwaitingAccount($_POST['serverid'], $_POST['name'], $_POST['password'], $_POST['email']);
echo tr('register_success_toActivate');
Logger::log_registration($_POST['name']);
} else {
// Server does not exist, add warning
MessageManager::addWarning(tr('unknownserver'));
}
} else {
// non-auth-by-mail, just add registration
ServerInterface::getInstance()->addUser($_POST['serverid'], $_POST['name'], $_POST['password'], $_POST['email']);
echo tr('register_success');
Logger::log_registration($_POST['name']);
}
} elseif ($_GET['action'] == 'activate' && isset($_GET['key'])) {
// Activate account
DBManager::getInstance()->activateAccount($_GET['key']);
echo tr('register_activate_success');
}
} else {
// no form data received -> display registration form
?>
if ($user != null) {
$newPw = substr(md5(rand()), 4, 8);
ServerInterface::getInstance()->updateUserPw(intval($_POST['serverid']), $user->getUserId(), $newPw);
mail($_POST['email'], tr('request_mail_p_subj'), sprintf(tr('request_mail_p_body'), $newPw));
$formProcessed = tr('request_mail_sent');
} else {
MessageManager::addWarning(tr('request_nosuchaccount'));
}
} elseif (isset($_POST['username'])) {
// send username
$user = ServerInterface::getInstance()->getUserByEmail(intval($_POST['serverid']), $_POST['email']);
if ($user != null) {
mail($_POST['email'], tr('request_mail_u_subj'), sprintf(tr('request_mail_u_body'), $user->getName()));
$formProcessed = tr('request_mail_sent');
} else {
MessageManager::addWarning(tr('request_nosuchaccount'));
}
}
}
?>
<div id="content">
<?php
if (isset($formProcessed)) {
?>
<h1 class="alignc">Data Sent</h1>
<p><?php
echo $formProcessed;
?>
</p>
<?php
} else {
/**
* Get the (translated/local) text for the ID / text index
* @param $textname text index
* @return string localized text
*/
public function getText($textname)
{
if (!isset($this->text[$textname])) {
MessageManager::addWarning('Translation for key "' . $textname . '" not found!');
return '???';
}
return $this->text[$textname];
// w3c validator doesn't like html (tags) in javascript areas. maybe, or not:
//return htmlspecialchars($this->text[$textname]);
}
